<?php
session_start(); //Starts sessions
if(isset($_SESSION['userNum'])){ //If the session variable is already set, get all session variables
$userNum = $_SESSION['userNum'];
$server = $_SESSION['server'];
$user = $_SESSION['user'];
$pass = $_SESSION['pass'];
$db = $_SESSION['db'];
}else{
header('Location: home.php');//else, redirect user to home
}
?>
<html>
<head>
<title>Candidates - APC Voting System</title>
<style type="text/css">
.style1 {
	border-collapse: collapse;
}
.style2 {
	border-collapse: collapse;
	background-image: url('images/bg.png');
}
</style>
</head>

<body>
<font face = "Arial">
<table style="width: 810px; height: 104px" border="0" cellspacing="0" cellpadding="0" class="style1">
<tr>
<td colspan="6" style="height: 104px">
<img src="images\header.png"></td>
</tr>
</table>

<table style="width: 810px" background="images\menu.png" cellspacing="0" cellpadding="0">
<tr >
<td style="width: 11px; height: 40px">
&nbsp;</td>
<td style="width: 84px; height: 40px">
<a href="home.php"><img src="images\homeS.png"></a></td>
<td style="width: 84px; height: 40px">
<a href="vote.php"><img src="images\voteS.png"></a></td>
<td style="width: 84px; height: 40px">
<a href="candidates.php"><img src="images\candidateS.png"></a></td>
<td style="width: 84px; height: 40px">
<?php //Admin button will show for admins, Result button for voters
	//Connect to database first
	mysql_connect($server,$user,$pass) or die(mysql_error());
	mysql_select_db($db) or die(mysql_error());
	$checkPermission = mysql_query("SELECT voter_permission from voters where voter_num = '".$userNum."'");
		while($row = mysql_fetch_array($checkPermission)){
		$permission = $row['voter_permission']; //Get the permission of user
		}
	if($permission == 'Admin'){ //If the user is an Administrator
	    echo "<a href='admin.php'><img src='images\adminS.png'></a>";		
	}elseif($permission == 'Voter'){ // If the user is a Voter
	    echo "<a href='results.php'><img src='images/resultS.png'></a>";
	}else{
        //Do nothing - no button will be shown
	}
?>
</td>
<td style="width: 447px; height: 40px">
</td>
<td style="width: 84px; height: 40px">
<a href="logout.php"><img src="images\logoutS.png"></a></td>
</tr>
</table>
<table style="width: 810px; height: 73px" cellspacing="0" cellpadding="0" class="style2">
<tr>
<td style="height: 76px; width: 28px;"></td>
<td style="height: 76px" width="808px">
<?php
// Using get method, use the information from hyperlink to show candidates
$num =$_GET['pos']; // The position chosen
$name = $_GET['name']; // The name of position
//The two are required to ensure that information shown is accurate

if($num > 0){ //This means that the position chosen if from the database
              //The position number started at number 1

//Connect to database			  
mysql_connect($server,$user,$pass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());

// Get all candidates with the parameters chosen by the user
$result = mysql_query("SELECT c.Cand_Num, c.Cand_Pos, c.Cand_Name, c.Cand_Party, c.Cand_Platform, p.pos_name FROM candidates c ,positions p WHERE c.Cand_Pos = p.pos_num and c.Cand_Pos =".$num." and p.pos_name ='".$name."' order by c.cand_num") or die(mysql_error());  

// The output in html
echo "<br><h2>View all candidates for ".$_GET['name']."</h2>";
while($row = mysql_fetch_array( $result )){ //Get all candidates, this will loop until all candidates are shown

	echo "<table style='height: 175px; width: 483px'><tr>";
	echo "<td style='width: 259px; height: 32px; background-color:silver'>Name: <font color = 'white'>".$row['Cand_Name']."</font></td>";
	echo "<td style='width: 212px' rowspan='4' ><img src='images/candidates/".$row['Cand_Num'].".png' width = '212' height = '248'></td></tr>";
	echo "<tr><td style='width: 259px; height: 41px; background-color:silver'>Party: <font color = 'white'>".$row['Cand_Party']."</font></td></tr>";
	echo "<tr><td style='width: 259px; height: 41px; background-color:silver'>Platform:</td></tr>";
	echo "<tr><td style='width: 259px; height: 130px'><font face='Times New Roman'><textarea readonly style='height: 124px; width: 254px'>";
	echo $row['Cand_Platform']."</textarea></font></td></tr>";
	echo "<tr><td align='right' style='background-color:#CCCC99;height: 20px;border: 1px solid #000000' colspan = '2'>";
	echo "<input type='image' name='editAction' value= 'Remove Candidate' src='images/remove.png' border='0' title='Remove ".$row['Cand_Name']." as candidate'/>";
	echo "<input type='image' name='editAction' value= 'Edit Candidate' src='images/add.png' border='0' title='Edit information about ".$row['Cand_Name']."'/>";
	echo "</td></tr></table><br>";
	
}


}else{ // Means there are no parameters set yet, indicating the user needs to choose

//Connect to database
mysql_connect($server,$user,$pass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());

//Get all the positions
$result = mysql_query("SELECT * FROM positions") or die(mysql_error());  

//HTML output
echo "<br><h2>Select a government position</h2>";
while($row = mysql_fetch_array( $result ))
{
//Create hyperlinks to be used as a GET method
echo "<br><a href = 'posCandidates.php?pos=".$row['pos_num']."&name=".$row['pos_name']."'>".$row['pos_name']."</a> ";
}}?>
</td>
</tr>
<tr>
<td width="8px" colspan="2"><img src="images\end.png"></td>


</tr>
</table>

</body>

</html>
